package server

import (
	"github.com/gin-gonic/gin"

	"github.com/dhao2001/mygo/internal/app"
	"github.com/dhao2001/mygo/internal/handler"
	"github.com/dhao2001/mygo/internal/middleware"
)

func setupProtectedRoutes(rg *gin.RouterGroup, webApp *app.WebApp) {
	jwtSecret := []byte(webApp.Config.JWT.Secret)
	authHandler := handler.NewAuthHandler(webApp.AuthService)

	rg.Use(middleware.AuthRequired(jwtSecret))

	account := rg.Group("/account")
	{
		account.GET("", authHandler.GetAccount)

		passkeys := account.Group("/passkeys")
		{
			passkeys.GET("", authHandler.ListPasskeys)
			passkeys.POST("", authHandler.CreatePasskey)
			passkeys.DELETE("/:id", authHandler.RevokePasskey)
		}
	}
}